The title of this post is meant to be a generalization and to grasp your attention because it’s an important matter – data security that is. The bigger companies seem to understand its importance, and many do take the necessary precautions to maintain some level of data security. They don’t always do it very well, but quite often they have the basics covered. SMEs on the other hand very often don’t have much demonstrated concern for the privacy or security of their website visitors.

You might be questioning what data could the website of an SME possibly deal with. Well, let’s take a very basic example – contact forms. Almost every corporate website has one, but many don’t even have the basics covered.

When a visitor to your website fills out a contact form, they’re almost always providing you with some form of personal information. It might just be their name and email address, but some companies even ask for a physical address, current company, or a phone number. There’s nothing wrong with asking for this information, and if the visitor volunteers it, then that’s their choice. But regardless of the fact that they’ve volunteered this information, you still have a responsibility to ensure that their data stays protected.

Here are a few pointers that should keep your visitors’ information safe*:

Make sure that pages on your website that capture user data are secured with SSL. This is a very basic level of security, can cost as little as a few dollars a year, and sometimes comes free with hosting packages. With SSL, the data that’s being submitted by your visitors will be safely transported across the Internet and away from prying eyes.

Have a Privacy Policy cleared and visibly presented on your website. It’s important to be very transparent about what information you capture and what you intend to do with it. The best (and most legally sound) way of devising a Privacy Policy is to hire a lawyer; however, this can be quite costly. In our humble opinion, it’s better to have a clear statement written by a layman than have nothing at all, so go ahead and write one up yourself. Just be clear, honest, and straightforward. If and when you can actually hire a lawyer, then please do so.

Be generally responsible and respectful with people’s personal information:

Hosting providers tend to automatically back up your website and database for you. Read through their privacy and data retention policies, and make sure that you’re okay with what they claim.

Make sure employees that have access to this data do so responsibly. It’s a good idea to have them sign an agreement of some sort stating their moral and ethical responsibilities.

Don’t ever share your visitors’ information with any third-party without first consenting with them. Take on a strict opt-in policy, and don’t abuse their trust. In some cases, doing so may be considered breaking the law.

Make sure you use the data only for the purpose it was originally intended for. Don’t think that you’re sitting on an email-marketing goldmine and that you can do what you want with the data you’ve been entrusted with. That’s right, entrusted with (let that sink in).

Our advice is to get rid of the data the second you no longer need it. Why hang on to the personal information of others without any need or purpose. If a potential customer has provided you their information in order to request a brochure, send them the brochure and delete the data unless they’ve opted-in to receive further communication from you in the future.

There’s a lot more that can be done, but it really doesn’t take much more than a bit of respect to devise a proper strategy for ensuring that data people provide you with remains safe. Treat the information of others the way you’d want your data to be treated.

You may think that doing all this is a waste of time and that your visitors wouldn’t appreciate it anyway… but don’t underestimate people. Privacy is an important subject and every effort you make will certainly resonate with your visitors.

We have a strong and very capable team of technologists that can give your website a thorough review and advise you on what needs to be done to keep your visitors’ information safe. Give us a call today!

* This information is provided without any warranty or guarantee. Since data privacy typically has legal implications, we advise you to consult legal counsel prior to implementing any of the advice provided in this article.